Hello,

I have done other tests, and I can make the DNAT work when redirecting to another machine.

For example, when I redirect the service outside of BRIDGE, to another machine, the redirect is working. (For example, if 192.168.1.2 is another machine on the same subnet as BRIDGE, I use this command:

    # iptables -t nat -A PREROUTING -i eth0 -d 212.11.36.175 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2

and the Web service is working properly.)

The problem I have is when the packet is NATted to the bridge (or REDIRECTed), when there is no routing to be done. To get better clues, I tried the following:

    # iptables -t nat -A PREROUTING -i eth0 -d 212.11.36.175 -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1
    + echo "1" > log_martians

And in syslog I do have:

    Mar 11 01:44:18 mail kernel: martian destination 127.0.0.1 from 217.151.0.130, dev br0

This also assures me that the packet rewriting does take place. But when I use instead the local address of br0 (192.168.1.3), or the local address of br1 (another local bridge, 192.168.131.201), the packet seems to disappear.

Any idea?

Best regards,
Ludovic LANGE
